[ale] Fwd: Under Attack, my dns servers
James Sumners
james.sumners at gmail.com
Mon Oct 6 13:36:20 EDT 2014
On Mon, Oct 6, 2014 at 1:14 PM, Lightner, Jeff <JLightner at dsservices.com>
wrote:
> You can and SHOULD turn off recursion from external facing interface as
> anyone coming to you should only be resolving the domains for which you are
> authoritative. You can leave recursion on for the internal facing network
> but should do that only if your internal folks use your DNS servers to
> resolve external domains (e.g. google.com, yahoo.com etc…).
PowerDNS makes this _super_ easy -- https://www.powerdns.com
--
James Sumners
http://james.roomfullofmirrors.com/
"All governments suffer a recurring problem: Power attracts pathological
personalities. It is not that power corrupts but that it is magnetic to the
corruptible. Such people have a tendency to become drunk on violence, a
condition to which they are quickly addicted."
Missionaria Protectiva, Text QIV (decto)
CH:D 59
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20141006/141516ea/attachment.html>
More information about the Ale
mailing list